Senior IT Auditor, Assurance

Description Please Note:Fidelity Canada Internal Audit provides independent and objective assurance and advisory services, improve customer service, and enhance overall organization value and business performance. This mission is accomplished through assessing the adequacy and effectiveness of controls, compliance, and risk management and governance processes, reporting on issues and solutions that improve Fidelity Canada’s control environment, promoting best practices and continuous improvements and responding to change with a sense of urgency through continuous risk assessment and resource allocation. Their primary motivation is to manage risk, drive positive change and promote a risk culture of proactive enterprise risk management.The Opportunity:The role of the Senior IT Auditor, Assurance & Advisory is to deliver technology-focused audit assignments as part of a wider team to verify applications (including their development and support) and infrastructure, as well as ensuring this is effectively controlled and that risks are mitigated. You will be required to lead and participate in the planning and execution of audit assignments in line with the audit methodology, as well as produce findings and draft reports for presentations to Senior Management. The role will report directly to the Vice President of Internal Audit in Canada.The successful candidate will play a key role in assisting the Senior Manager of Internal Audit grow and deepen the technology audit footprint (depth and breadth), and have the opportunity to help shape and build technology audit capabilities in Canada and across the Fidelity International group.What You Will Do:Deliver technology-focused audit assignments to ensure applications, development/support processes, and infrastructure are effectively controlled and risks are mitigated.Lead and participate in planning and execution of audits in line with the agile audit methodology.Produce findings and draft reports for presentation to Senior Management.Assess IT controls across applications, infrastructure, and development processes.Plan and execute audit scope coverage, fieldwork and testing within the given timeframe.Document audit testing using best practices and form conclusions based on the outcome of the testing, including the identification of areas in need of improvement, and assisting Technology in the development of an action plan.Keep Internal Audit and stakeholders management fully informed of the progress of all assignments and following-up issues to ensure that all agreed improvements have been actioned.Work alongside business auditors to deliver ‘integrated’ audits by testing specific IT general and application controls supporting business process.Provide advisory type of services to stakeholders by quickly developing an understanding of management requests / projects, and providing real time feedback and recommendations to assist business mitigating risks.Draft audit reports that provide a clear description of issues identified, related business impact, and proposed action plans/control enhancement opportunities.Engage with stakeholders for the validation and timely closure of audit findings.Perform business unit risk assessments, evaluate business initiatives, organizational and regulatory changes, and identify any audit gaps and control weaknesses within the information technology audit universe.Work with business stakeholders to assess, identify risks, advise and consult on a wide variety of technology related topics, including but not limited to: Cybersecurity; Cloud Computing; Data Governance and Architecture and Emerging Technologies:CybersecurityCloudData GovernanceEmerging TechnologiesThe Expertise You Bring:Deep understanding of IT audit methodologies and frameworks (e.g., COBIT, NIST, ISO).Strong knowledge of application development, infrastructure, and IT operations. Expertise in technology risk and control frameworks. Ability to collaborate globally and influence technology audit strategy. Proven experience in IT audit, risk management, and control frameworks. Strong leadership and project management skills. Ability to contribute to shaping technology audit strategy and capabilities. Forward-thinking approach to emerging technology risks and audit trends.Excellent communication skills to vocalize and communicate concisely and clearly articulate thoughts and ideas across all levels (written, verbal, presentation).Identifies and acquires the necessary data to meet the use case objectives, and explores data to build foundational data knowledge in the subject domain, in partnership with data ownersPresents technical analyses in a meaningful and intuitive manner, in accordance with the target audienceStrong proficiency in developing applications using languages such as Python, Javascript or others with a focus on creating user-friendly interfacesExpert knowledge and extensive experience related to technology controls and risks associated with products across asset management.Strong knowledge of audit principles, frameworks and standards such as IIA, ISACA and NIST standards.Outstanding oral and written communication skills and ability to communicate clearly and concise at all levels.Strong client management, and problem-solving skills, and ability to respond effectively to changing business needs.Ability to build strong relationships and influence senior stakeholders.Excellent organizational skills and delivery focus with an ability to work to tight deadlines.High energy, positive attitude and goal driven; ability to work effectively in a team while being flexible and adaptable.What We're Looking For:5+ years of relevant work experienceUniversity degree (BS/BA in accounting, computer science or other IT-related field) required, or equivalent work experience.CISA/CISM or equivalent is required. CISSP or Security related certifications will be a plus.Experience in leading IT application and infrastructure related audit engagement throughout an audit cycle from planning to reporting, preferably in financial services (i.e., asset management, brokerage).Deep experience with most common operating systems (Windows, Linux, iOS, Android) and databases (Oracle, SQL as well as cloud-based database, i.e., Snowflake).Experience with enterprise cloud infrastructures such as Amazon Web Services, Office 365, and Azure.Sustained hands-on technical experience working in cybersecurity and ransomware.Strong understanding of emerging technology (AI/ML).Total Rewards That Reflect Your ImpactWe believe exceptional work deserves exceptional recognition. That’s why we offer a competitive compensation package designed to support your success today—and your financial well-being tomorrow.For this role, your total rewards include:Base Salary: A competitive annual range of $105,000 to $120,000, based on your experience and qualifications.Performance Bonus: Eligible for a discretionary bonus that rewards your contributions and results.RRSP Contribution: After 6 months of employment, we invest in your future with an RRSP contribution—no employee matching required.We’re proud to offer a compensation package that aligns with provincial pay transparency requirements.This posting represents an existing vacancy within our organization—an opportunity to step into a role where your talents will make a meaningful difference.